The Cyber Security Engineer will be responsible for tasks related to Assessment & Authorization (A&A) to ensure assigned DoD, DoN systems/Enclaves/Networks can obtain and maintain Authorization to Operate (ATO) and Authorization to Connect (ATC) certifications. In this role, the Cyber Security Engineer will participate in risk assessments of information systems to identify vulnerabilities, risks, and cyber protection needs. Develop RMF documentation to include system security plan artifacts which include hardware/software lists, topology diagrams, PPS, vulnerability management plan, incident response plan, contingency plan, system POA&M, Information Security Continuous Monitoring (ISCM) Strategy, and all other DoD and Navy mandated artifacts that comprise the Security Authorization Package. Additionally, the individual will serve as an Information Systems Security Officer (ISSO) and review and conduct technical security assessments of computing environments to identify points of vulnerability, non-compliance with established cyber security standards and regulations, and recommend mitigation strategies to the team.
Responsibilities:
-Develops RMF accreditation artifact documentation to include hardware/software lists, topology diagrams, PPS, vulnerability management plan, incident response plan, system POA&M, Information Security Continuous Monitoring (ISCM) Strategy, and all other Navy mandated artifacts that comprise the Security Authorization Package.
-Performs weekly CND vulnerability scans utilizing DoD/DoN mandated practices and software utilities.
-Conducts assessments of cybersecurity control compliance in accordance with DoDI 8500.01, DoDI 8510.01, CNSSI 1253 and NIST 800-53
-Prepare daily, weekly, and monthly reports detailing task and responsibility status
-Supports Cybersecurity Test & Evaluation (CT&E) activities of system security engineering and program protection activities.
-Monitors and executes compliance vulnerability scanning and uploads to the Navy VRAM database.
-Updates and validates policies, processes, and SOPs, in accordance with DoN and DoD policies and regulations
-Provides IT Security Incident Response support services and report all tenant IT incidents ranging from security violations (i.e., information spillage and unauthorized usage) and suspicious activity reports
-Performs system categorization; select, tailor security controls, implement, and test security controls
-Attends and leads meetings, works in collaborative a team environment to provide network stability and continuity
We are a company committed to creating inclusive environments where people can bring their full, authentic selves to work every day. We are an equal opportunity employer that believes everyone matters. Qualified candidates will receive consideration for employment opportunities without regard to race, religion, sex, age, marital status, national origin, sexual orientation, citizenship status, disability, or any other status or characteristic protected by applicable laws, regulations, and ordinances. If you need assistance and/or a reasonable accommodation due to a disability during the application or recruiting process, please send a request to
Human Resources Request Form. The EEOC "Know Your Rights" Poster is available
here.
To learn more about how we collect, keep, and process your private information, please review Insight Global's Workforce Privacy Policy:
https://insightglobal.com/workforce-privacy-policy/ .
-Bachelors degree (preferably in Information Technology, Information Management, or Cyber Security)
-Meet or exceed OPNAVINST 5239 requirements to be certified as Intermediate Qualified Level Navy Validator
Benefit packages for this role will start on the 31st day of employment and include medical, dental, and vision insurance, as well as HSA, FSA, and DCFSA account options, and 401k retirement account access with employer matching. Employees in this role are also entitled to paid sick leave and/or other paid time off as provided by applicable law.